Skip to content

@SEC642 SANS SEC642 Course

Change the repository type filter

All

    Repositories list

    24 repositories

    • PayloadsAllTheThings

      Public
      A list of useful payloads and bypass for Web Application Security and Pentest/CTF
      Python
      MIT License
      15k100Updated Apr 27, 2021Apr 27, 2021

    • SEC642_papers

      Public
      This repository is a collection of papers used in the course that has been deprecated on the wide internet
      1300Updated Apr 15, 2021Apr 15, 2021

    • Pentest-In-Docker

      Public
      Docker image to exploit RCE, try for pentest methods and test container security solutions (trivy, falco and etc.)
      Dockerfile
      GNU General Public License v3.0
      41000Updated Dec 15, 2020Dec 15, 2020

    • nosqlinjection_wordlists

      Public
      This repository contains payload to test NoSQL Injections
      MIT License
      69000Updated May 27, 2020May 27, 2020

    • sec642_wiki

      Public template
      Template for writing labs in Markdown with emphasis on print and electronic access, style
      CSS
      6200Updated Apr 24, 2020Apr 24, 2020

    • sockettome-1

      Public
      A lab for security testing web sockets
      PHP
      GNU General Public License v3.0
      2000Updated Dec 31, 2019Dec 31, 2019

    • ssrf-playground

      Public
      A playground to practice SSRF Attacks against web apps
      Go
      14000Updated Oct 15, 2018Oct 15, 2018

    • Vulnerable-OAuth-2.0-Applications

      Public
      vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.
      JavaScript
      71100Updated Sep 15, 2018Sep 15, 2018

    • nosqlilab

      Public
      A lab for playing with NoSQL Injection
      PHP
      40000Updated Aug 3, 2017Aug 3, 2017

    • dojo-basic

      Public
      PHP
      3410Updated Mar 10, 2017Mar 10, 2017

    • webservice

      Public
      Basic vulnerable SOAP webservice
      PHP
      1000Updated May 17, 2016May 17, 2016

    • evilbank

      Public
      Vulnerable web app with captcha weaknesses
      JavaScript
      2000Updated May 17, 2016May 17, 2016

    • evilcaptcha

      Public
      Vulnerable web app with captcha challenge
      PHP
      1000Updated May 17, 2016May 17, 2016

    • crazycars

      Public
      Vulnerable web app with crypto weaknesses
      PHP
      2000Updated May 16, 2016May 16, 2016

    • fileboss

      Public
      Vulnerable web app with crypto weakness
      PHP
      1000Updated May 16, 2016May 16, 2016

    • failpics

      Public
      Vulnerable web app with URL tamper protection weakness
      PHP
      2000Updated May 16, 2016May 16, 2016

    • modsec

      Public
      Basic app to practice modsec bypass
      Lua
      252210Updated May 12, 2016May 12, 2016

    • nodegoat

      Public
      Older version of nodegoat
      HTML
      Apache License 2.0
      1000Updated Apr 15, 2016Apr 15, 2016

    • typejuggler

      Public
      Vulnerable PHP app to demonstrate type juggling
      PHP
      2000Updated Apr 15, 2016Apr 15, 2016

    • bookmarker

      Public
      Vulnerable PHP app for Mass Assignment
      PHP
      2000Updated Apr 15, 2016Apr 15, 2016

    • sockettome

      Public
      PHP
      2000Updated Apr 13, 2016Apr 13, 2016

    • dataencoding

      Public
      Vulnerable web app with hashing weaknesses
      PHP
      1000Updated Mar 25, 2016Mar 25, 2016

    • bankservice

      Public
      Backend vunerable bank service for mobile app
      Python
      BSD 4-Clause "Original" or "Old" License
      3300Updated Mar 25, 2016Mar 25, 2016

    • CryptOMG

      Public
      CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.
      PHP
      GNU General Public License v3.0
      49000Updated Jun 25, 2015Jun 25, 2015